The Beats Lab – User Profiles and System Settings

January 31st, 2014 by Jason Riffel

Introducing The Beats Lab

I have to admit – every week is a pretty good week working here but this week was extra special because I was lucky enough to travel to a customer site who I consider a special customer. We got to work on some really cool new technology which we will probably discuss in an up and coming “Beats Lab” article. I straight up stole the term “Beats Lab” from them as that is what they call our office. I take it as a huge compliment and I love the name. My relationship with this customer is always focused on doing new and exciting things with our core technology so I am dedicating all our technical articles going forward to the CIP Reporting “Beats Lab”. This article is for them to offer up some wisdom for architecting their employee licensing application kiosks in their commission lobby with CIP Reporting

History of User Profiles

In our first beats lab article I am going to cover a topic that will benefit any person who is architecting their own solution with CIP Reporting; user profiles and system settings. User profiles are one of the most powerful design features within CIP. User profiles were first created in CIP years ago to help manage user permissions. Imagine a software system where permissions are applied to each user individually … and then imagine that system with 200 users … and then imagine a sweeping policy change to permissions and consider how much work that is. Once upon a time many years ago CIP worked like that and we created user profiles to simplify management of users. The idea was to create a “profile” and assign permissions and rights to that profile and then give that profile to various users. You usually end up with a couple of profiles and a lot of users and when you want to make changes you simply update the single profile which all users inherit from.

Then we had an idea – what if a user could have several profiles? I had seen similar implementations in the past (Eclipse IDE for those who are curious) and they allowed you to select which profile you wanted to use. You can only be in one profile at a time, but when you pick another profile from the always visible drop down – your experience in the software changes drastically. This is a corner stone of architecting solutions in CIP today – crafting user profiles that represent “experiences” or “workspaces” within the software.

Making Profiles Work for You

Today there are a wide variety of configuration options you can implement per-profile in CIP. You can set basic access controls, system settings, read access, write access, edit access to specific reports, and even specify custom buttons, logs, charts, graphs, etc. You can leverage user profiles to do a lot of very helpful things including:

Control access to reports

Create “modules” (I hate using that word)

Define job duties for employees

Achieve Separation of Concerns

Isolate Features for Use as Needed

Really this list could go on and on – as promised user profiles are a corner stone to architecting solutions in CIP and it seems like every day we find a new way to use them to solve problems. I want to call out the last two items and explain in a little more detail what they mean because I think they are really special.

Separation of Concerns

A great example of separation of concerns is implementing anonymous reports for tribal gaming surveillance (If you wonder why this is valuable – consider family relationships involved in the business). To achieve this anonymous reporting we separate the concerns of who writes reports and taking reports out of the system into two profiles. The every day surveillance operator profile is not anonymous but cannot print, email, or download reports. However, every operator has access to another profile which can only read reports but can also download, email, and print reports – with one exception; the reports are sanitized of author information. The sanitation is done by a CIP setting and beyond the discussion here, but the point is each profile has that setting set one way or the other. It takes very deliberate steps to produce a report out of the system and it is guaranteed to be sanitized – of course unless you are the director in which case your profile has different permissions.

Isolating Features

Isolating features is really a house keeping exercise but in a traditional role based system where permissions are assigned to the user directly the system becomes more and more complex to use as the capabilities of the user increases. You might think to yourself “Well Duh.”, but user profiles can change this. Imagine this simple concept – as a director I have to produce a ton of charts, graphs, and reports at the end of the month, quarter, etc. CIP allows you to create nearly infinite reports, charts, and graphs to be recalculated and recalled at the click of a button saving countless hours of tedious labor. However, if you create all these convenient buttons into the profile you use all day long you get a lot of clutter you only use once in a while. So why not create a user profile just for end of month reporting packed full of convenient buttons, logs, charts, graphs, whatever you want! Just switch to that profile when you need it, but keep your day to day profile clean and relevant to the job at hand. After all, simpler is better.

About those Settings

So I promised you a tid-bit about settings as well. CIP has an unfathomable number of settings that give you such detailed control over every behavior of the system that sometimes we have a hard time finding the right setting. This is fine and all – it is nice to have all that control but one setting does not always fit all cases. Following on with my previous example I might want my reports sanitized of all author information. That’s fine if I want that all the time, but who would? I need to know who wrote reports normally – it is only certain special circumstances that I want to sanitize reports. Well its great that CIP has a setting to turn that on, but if I turn that on it sanitizes every report in the system all the time; no bueno. This is where user profiles combined with settings truly is the mark of a CIP expert.

Global Settings vs. Profile Settings

Every setting in the system can be set to your fancy on the admin screen under settings. However, each and every setting in the system can also be defined specifically on a given user profile. The value on the user profile takes precedent over the global setting, thus allowing your profiles to change settings dynamically. This is the key to creating the profiles described above that separate concerns. My global setting says do not sanitize, but my global settings also do not allow me to extract reports. However, I have a profile which in fact can extract reports, but that profile has a setting in it to turn on sanitation. Viola – My operators cannot make a mistake because I have isolated features and separated concerns using user profiles and system settings. So, how do you add a setting to a profile? Easy – edit the profile, and click the add setting button at the top – then search for the desired setting. After adding the setting to the profile it will be on the profile edit screen for you to configure specifically for that profile.

Did I mention there are also user specific setting overrides? Now that will make your head spin.

Parting Thoughts

Hopefully this helps you start to see how user profiles can really change the way your solutions can be architected. They make your system easier to manage, easier to use, and actually give you great tools for controlling how the system is used by your users. There are actually too many things to list in this article which you can do with a user profile, but this gets you started. The rest of the knowledge is one support call away or lingering in another beats lab article.

Jason is the president and CEO of CIP Reporting the gold standard of Risk Management and Incident Reporting Software. Jason is a lifelong technologist and serial entrepreneur with a borderline unhealthy obsession with all things technology and business. Google+